1bebaffd89fdbfc6cf9c4c1fc12e09332ef847bbf934aa384bc79ede7c8ffa79 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

JEx Bot v6...in.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

JEx Bot v6.3.zip
Size

10.3MB
Sample

221015-exb5lsfbd9
MD5

aa1c6b4d7ff84548fb89ceb9dfb23138
SHA1

3e884f060c31ca949383e7d2a0eb73d92d32fbcb
SHA256

1bebaffd89fdbfc6cf9c4c1fc12e09332ef847bbf934aa384bc79ede7c8ffa79
SHA512

ad2bf3cb09a0433e0a9a4768cce2b684b2ea22e0ccb79e3bfe36c9ec16ec3d5afa222480c1ed4276cf72e4c450910f6c8f3fedfdfa1a45038e1a1348a18a8a77
SSDEEP

196608:vutebYsQpYcDlsHVRfEJxk6X0/rvIb0KqQJbDxC6TgOHLofS/s2ujEF1ZxxTy3zM:vuteb/8HcjfEPs/MwAR7sOHxum1Zje3o

Score

8^/10

persistence pyinstaller

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JEx Bot v6.3/jmain.exe

Resource

win10v2004-20220901-en

persistence pyinstaller

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  JEx Bot v6.3/jmain.exe
- Size
  
  9.9MB
- MD5
  
  a7162c790945240d207d5667a04fc8ef
- SHA1
  
  586dd49d2c6a16d090726a8e091f8ac9b02fd504
- SHA256
  
  128b8fe3a1d557d1cf5323212747fca85ea82e85a29ef6a9baa66010332a18b9
- SHA512
  
  ffe9a8bcb97e8eca2e7a7a731b25f50b4e4ef6e8d0dc647222a5a1ce32044c1c0228146f960d8be43b8a538e5ce63db5be3db15e7e05e30de5d53f2d40e1b4fd
- SSDEEP
  
  196608:H+9qQ30JQMy+ofSsmxL2Vmd6+D5ulOToPVIn+LH/+z3+0gr/pA833rwz9g:e9iJe+ooL2Vmd6m5FTodIn+LH/+za/li
Score

8^/10

persistence pyinstaller
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencepyinstaller

© 2018-2025

Terms | Privacy